Set custom properties for an HTTP transport

Several HTTP transport properties are not shown in the administrative console settings page for an HTTP transport. To specify values for these custom properties for a specific transport on the HTTP transport Custom Properties page, follow these steps:

1. Start the administrative console.
2. In the topology tree, expand Servers and click Application Servers
3. Click the name of your application server.
4. On the application server page, click Web Container.
5. On the Web Container page, click HTTP Transports.
6. Click the host whose properties you want to set.
7. Under Additional Properties, click Custom Properties.

   Note: You can also set these properties on the Web Container Custom Properties page.

8. On the Custom Properties page, click New.
9. On the settings page for a new property, type the name of the transport property and the value that you want to set for that property. For example, if you want the transport to wait a maximum of 60 seconds when trying to read or write data during a request, type ConnectionIOTimeout for the name and 60 for the value.
10. After you specify each property, click OK.
11. Save the configuration.
12. Restart the server.
13. Regenerate the Web server plug-in configuration.

You can add any of these custom properties to manage HTTP transports:

• ConnectionIOTimeout
  Specifies the maximum number of seconds to wait when trying to read or process data during a request.

  This value determines how long the application server waits while receiving two subsequent data packets for the same HTTP request. For example, with the default ConnectionIOTimeout setting of five seconds, if an HTTP client sends two data packets spaced six seconds apart, the process times out, and the server throws a java.io.InterruptedIOException error. The server terminates the HTTP request, and the HTTP client must resubmit the request. The default value is 5 seconds.

  Note: When a client attempts to send a large amount of request data, such as a file upload, there is a greater possibility of an InterruptedIOException at the application server. To avoid this problem, you might want to increase the ConnectionIOTimeout value for the Web container.

• ConnectionKeepAliveTimeout
  Specifies the maximum number of seconds to wait for the next request on a keep-alive connection. The default value is 5 seconds.

• ConnectionResponseTimeout
  Specifies the maximum number of seconds to wait when trying to read or write data during a response. The default value is 300.

• KeepAliveEnabled
  Specifies whether to keep connections alive or not. The default value is true.

  You can set these properties on either the Web Container or HTTP Transport Custom Properties pages. When set on the Web container Custom Properties page, all transports inherit the properties. Setting the same properties on a transport overrides like settings defined for a Web container.

• MaxKeepAliveConnections
  Specifies the maximum number of concurrent keep-alive (persistent) connections across all HTTP transports. To make a particular transport close connections after a request, you can set MaxKeepAliveConnections to 0 (zero) or you can set KeepAliveEnabled to false on that transport.

  The Web server plug-in keeps connections open to the application server as long as it can. However, if the value of this property is too small, performance is negatively impacted because the plug-in has to open a new connection for each request instead of sending multiple requests through one connection. The application server might not accept a new connection under a heavy load if there are too many sockets in TIME_WAIT state. If all client requests are going through the Web server plug-in and there are many TIME_WAIT state sockets for port 9080, the application server is closing connections prematurely, which decreases performance. The application server closes the connection from the plug-in, or from any client, for any of the following reasons:

  • The client request was an HTTP 1.0 request when the Web server plug-in always sends HTTP 1.1 requests.
  • The maximum number of concurrent keep-alives was reached. A keep-alive must be obtained only once for the life of a connection, that is, after the first request is completed, but before the second request can be read.
  • The maximum number of requests for a connection was reached, preventing denial of service attacks in which a client tries to hold on to a keep-alive connection forever.
  • A time out occurred while waiting to read the next request or to read the remainder of the current request.

  The default value is 90% of the maximum number of threads in the Web container thread pool. This prevents all of the threads from being held by keep alive connections so that there are threads available to handle new incoming connect requests.

• MaxKeepAliveRequests
  Specifies the maximum number of requests which can be processed on a single keep alive connection. This parameter can help prevent denial-of-service attacks when a client tries to hold on to a keep-alive connection. The Web server plug-in keeps connections open to the application server as long as it can, providing optimum performance. The default value is 100.

• MutualAuthCBindCheck
  Specifies whether or not a client certificate should be resolved to a SAF principal. The default value is false. If you set this property to true, all SSL connections from a client must have a client certificate, and the user ID associated with the client certificate must have RACF CONTROL authority for CB.BIND.servername. If the client request does not meet these conditions, the connection is closed. To grant the certificate's user ID RACF CONTROL authority, run this command:

  PERMIT CB.BIND.servername CLASS(CBIND) ID(userID) ACCESS(CONTROL)

  where servername is the name of your application server and userID is the user ID that is associated with the client certificate.

• protocol_http_large_data_inbound_buffer
  Specifies the length, in bytes, of a serially reusable inbound buffer. The transport uses this buffer for HTTP requests that are larger than 10MB. The default value is 0. A value of 0 specifies that no buffer is needed, and the transport rejects client requests that are larger than 10MB.

• TrustedProxy
  Specifies whether or not the transport trusts Private Headers from a WebSphere Application Server - Express plug-in for a Web server.

• AccessLogDisable and AccessLog
  These properties specify access logging settings. For more information, see Configure access logging for internal Web server HTTP transports.

• ErrorLogDisable, ErrorLog, and LogLevel
  These properties specify error logging settings. For more information, see Configure logging for internal Web server HTTP transports.